Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
General Discussion
In reply to the discussion: Russians hacked server called 'Solar Winds' (Pentagon, State, Justice, Treasury, NASA, NSA) [View all]Klaralven
(7,510 posts)39. SolarWinds Orion agent requirements
Account Privileges
If you want to deploy agents from the Orion server, the following requirements must be met.
Windows
The account used for remote deployment must have access to the administrative share on the target computer: admin$temp.
User Account Control (UAC) must either be disabled on the target computer, or the built-in Administrator account must be used.
You may need to disable UAC remote restrictions.
Other remote or mass deployment methods do not have the same requirements.
Linux/Unix
An account that can connect remotely through SSH.
An account that can install software and create a user and group.
See Credentials and privileges used on Linux/Unix-based computers for more information.
To deploy a Linux/Unix agent via pull deployment, make sure that the following conditions are met:
Orion Web Console must be accessible from the target Linux computer.
Pull deployment uses wget, curl, or perl to download the installation files from the chosen polling engine.
Agent port requirements
The following ports need to be open both to deploy and to update Orion Agents:
Target computer where the agent is deployed
Server hosting the Orion Platform polling engine
Local agent ports
(followed by quite a list of open ports)
FIPS Support
Starting with Orion Platform 2020.2, Orion Agents support FIPS.
To run FIPS-compliant Orion Agents, enable FIPS on the target computer. FIPS is configured both on the main polling engine and on the polled agent computer so all communication between them is FIPS-compliant.
Remote deployment in FIPS mode is disabled. To run Orion Agents in FIPS-compliant mode, deploy agents manually (Windows or Linux/Unix).
(manual agent deployment would be labor intensive, so FIPS support probably not much used - too bad)
https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-agent-requirements-sw476.htm
If you want to deploy agents from the Orion server, the following requirements must be met.
Windows
The account used for remote deployment must have access to the administrative share on the target computer: admin$temp.
User Account Control (UAC) must either be disabled on the target computer, or the built-in Administrator account must be used.
You may need to disable UAC remote restrictions.
Other remote or mass deployment methods do not have the same requirements.
Linux/Unix
An account that can connect remotely through SSH.
An account that can install software and create a user and group.
See Credentials and privileges used on Linux/Unix-based computers for more information.
To deploy a Linux/Unix agent via pull deployment, make sure that the following conditions are met:
Orion Web Console must be accessible from the target Linux computer.
Pull deployment uses wget, curl, or perl to download the installation files from the chosen polling engine.
Agent port requirements
The following ports need to be open both to deploy and to update Orion Agents:
Target computer where the agent is deployed
Server hosting the Orion Platform polling engine
Local agent ports
(followed by quite a list of open ports)
FIPS Support
Starting with Orion Platform 2020.2, Orion Agents support FIPS.
To run FIPS-compliant Orion Agents, enable FIPS on the target computer. FIPS is configured both on the main polling engine and on the polled agent computer so all communication between them is FIPS-compliant.
Remote deployment in FIPS mode is disabled. To run Orion Agents in FIPS-compliant mode, deploy agents manually (Windows or Linux/Unix).
(manual agent deployment would be labor intensive, so FIPS support probably not much used - too bad)
https://documentation.solarwinds.com/en/Success_Center/orionplatform/content/core-agent-requirements-sw476.htm
Edit history
Please sign in to view edit histories.
40 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
RecommendedHighlight replies with 5 or more recommendations
Russians hacked server called 'Solar Winds' (Pentagon, State, Justice, Treasury, NASA, NSA) [View all]
My Pet Orangutan
Dec 2020
OP
Anything that technically funnels down to a single pinch point can never be secure.
Blue_true
Dec 2020
#16
I know of one company that won't put anything critical on a connected system.
Blue_true
Dec 2020
#24
A final explanation - when you have a quasi pinch point like Solar Wind
My Pet Orangutan
Dec 2020
#30
The reason there is no overriding authority is the system was designed
My Pet Orangutan
Dec 2020
#25
Why wouldn't there be restricted "roles" that only allow monitoring privileges
crimycarny
Dec 2020
#33
Seems like Trump's moves of late have quite a nefarious lean. Like the replacement of key positions
The Wielding Truth
Dec 2020
#29
Wow. Just wow.... and they wonder why we are always "negative" about this PT Barnum..
The Wielding Truth
Dec 2020
#28
Story a few years ago that Putin had ordered all top secret info in Russia to be on paper only.
Midnight Writer
Dec 2020
#38
So much for auditing, intrusion and network detection software that are best practices.
TheBlackAdder
Dec 2020
#40